29 Aug
2020
29 Aug
'20
11:24 a.m.
On Saturday 29 August 2020 04:04:55 Dr. Nikolaus Klepp wrote:
Yeah, I tried that, but I always end up with this same problem. When I
tried setting a root password before (because it always seemed like the
*right* answer), I got this same result.
When I made the move from Kubuntu to Debian, I went through this
root-password thing at least 5 or 6 times. I always ended up with a
system where I could not be granted admin or root privileges ... EXCEPT
in a sudo su shell! So that's what I usually do: I create a sudo su
shell, then exit and allow permissions to expire, then when I need quick
access again, I just hit my UP arrow key, re-enter password, and go back
into sudo su to kill something or whatever else needs immediate
attention.
Now, it would be nice to crack this nut, once and for all, but I don't
want to keep asking my own machine for permission to do things. The
question is, which of us is master?
Hm. I'm quite sure I'm master on my systems, but that could be a delusion
...
What I have not understood yet: you can get root access from terminal with
"su" or you have to use "sudo bash" ?
Thanks, Nik! I'm glad somebody is willing to explain this to me like I am a
child. I probably ought to have got this years and years ago, but since I
don't need it so much in a group setting, or office, I could put it off.
Some of this discussion has been superseded by another email, as they crossed
paths.
However, in answer to this point: When I open a terminal, type "sudo su", I
can enter my password, and then I am root. I can do whatever I want to my
system, no matter how ill-conceived and dangerous. However, I cannot use it
to launch gui programs, only to run some root commands, such as when I want
to run pkill to kill several processes all at once, because they relate to
something else that is running away.
When I am done, I type exit, or I can even kill su processes, rather than
waiting for permissions to expire.
But when I (was) try(ing) to run a gui program (for example, gufw), I would be
asked for my password, then told that it was incorrect. I have set my system
not to allow root logins. There is no separate admin apart from the present
author, although I cannot just do anything; I still must enter my password to
become su.
However, without having installed quite all the trinity-sudo packages, I was
denied root permissions, except in the shell, by running "sudo su".
Sorry for the tedious details, but I do want to get to the bottom of this
issue, even though it may be self-inflicted.
Bill
#1 - When
installing, I deliberately chose *not* to set a root
password; since nobody else ever gets to touch my system, it is
enough that my user password is granted root privileges when I use
sudo or su.
Always set a root password, even it's 123456789. Not all programs
accept root without password. > > > Anyway, so now, suddenly, I am asked
for the root password in order
> > > to run gufw and other such stuff. But when I enter my password, I get
> > > a message that the password is incorrect. This happened before, long
> > > ago, when I first switched from (k)ubuntu to debian; debian seems to
> > > have a stricter default policy, which is probably a good thing, and I
> > > probably ought to get the hang of this thing, right?
> > >
> > > So I need an easier solution than whatever this is that I am doing
> > > (or not doing). I have been combing through my Linux pocket guide and
> > > Linux in a Nutshell and Linux Bible, etc., but they all say the same
> > > thing, and none of them work.
> > >
> > > #2 - I still want a graphical firewall that runs like the old
> > > Firestarter; gufw isn't quite what I want, or maybe I just
haven't
> > > yet configured it properly.
> >
> > didn't know Firestarter, but it loks nice for a firewall. I have to
> > admit I don't like linux firewall (I prefer the BSD way). Anyway, I use
> > "ufw" - it has a nice GUI, depending on your text editor :)
> >
> > > What I want is not just a GUI, but instead, one that displays *active
> > > connections* as they appear and disappear, and allows changing rules
> > > on the fly. Is there such a thing?
> >
> > "fierwall-applet" could be what you want, but it drags in a hole
bunch
> > of things.
>
> Will check it out, thanks.
>
> > > Running it in a terminal would suit me just fine, so long as it is a
> > > dynamic display of active connections as they occur. Also an easier
> > > way to edit iptables. (I read that there is some new "thing" to
> > > replace iptables, meaning that ufw and gufw and their kin will all
> > > become obsolete very soon, apparently being phased out, and I had a
> > > hard time downloading them.)
> > >
> > > Another possible fix would be: to pass my firestarter rules (based on
> > > iptables) along to ufw/gufw.
> >
> > gufw? a gui for ufw? Abomoination!
> > That could definitly be done. Are you in for a bit of shell black
> > magic?
>
> I am always prepared for some black magic. That is why I keep my *Linux
> in a Nutshell* grimoire always close to hand. Oh, and salt, burning
> sulfur, candles and incense, and some cats.
>
> I used to keep goats and chickens, but nowadays my landlord is always
> complaining.
>
> Seriously, whatever you can recommend to get me back "in control" of the
> Mother Ship.
>
> Thanks a bunch!
>
> > > But anyway, what I want is to see my active connections. (See
> > > enclosed screenshot.)
> > >
> > > Any help or comments or suggestions are appreciated. If not, at least
> > > a good joke.
> >
> > Windows guys suggest to run a firewall in amazon cloud and send all
> > your network through it. I still have not figured out if tis is a bad
> > joke or that they actully do, but I have the strong feeling this is a
> > seriouse advise (there are commertial offers for this kind of stuff).
>
> It sounds like these kids forget everything about security, privacy,
> whenever somebody says the word "cloud" -- then it's all okay.
>
> > > Bill
> > >
> > > P.S. The worst insult is, just before my upgrade, I had got my Jessie
> > > system fine-tuned to near-perfection, and was feeling rather smug and
> > > virtually bulletproof. On the bright side: Beowulf/Buster does seem
> > > to run better, overall, except for when I can't get it to DO WHAT I
> > > WANT.
> > >
> > > :-\
> > >
> > > See screenshot for firewall example.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> trinity-users-unsubscribe(a)lists.pearsoncomputing.net For additional
> commands, e-mail: trinity-users-help(a)lists.pearsoncomputing.net Read list
> messages on the web archive: http://trinity-users.pearsoncomputing.net/
> Please remember not to top-post:
> http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
---------------------------------------------------------------------
To unsubscribe, e-mail: trinity-users-unsubscribe(a)lists.pearsoncomputing.net
For additional commands, e-mail: trinity-users-help(a)lists.pearsoncomputing.net
Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/
Please remember not to top-post:
http://trinity.pearsoncomputing.net/mailing_lists/#top-posting